The following are the steps to follow to obtain and install a server certificate, and verify that it works.
- Create a Certificate Signing Request (CSR) and send it to a Certificate Authority for signing. This provides the highest level of trust to the client, as the client can be assured that the certificate it receives from the server (in this case, FortiADC) was approved (i.e., digitally signed) by a trusted third party. Thus, the client has the assurance of a third party that the server to which it is connecting is identifying itself legitimately (and is not impersonating the legitimate server’s identity). See Generating a CSR and Getting It Signed by a CA.
- Create a certificate and sign it yourself. This provides a lower level of trust, since the client is essentially trusting the server to identify itself. Self-signed certificates are relatively easy to counterfeit, and are only recommended for use on internal, non-production, or test configurations. See Generating a Self-Signed Certificate.
For more information on SSL parameters, see the section Layer 7 SSL Security (HTTPS Clusters).
Once you accept the certificate, the requested page should be displayed.